Volume 6, Number 20 -- May 21, 2008

Symantec Combats Phishing with New Services Offering

Published: May 21, 2008

by Alex Woodie

IT security giant Symantec Monday launched a new initiative to fight phishing, pharming, and other rapidly spreading types of online fraud targeting banks, e-commerce sites, brokerage houses, and other B2B or B2C institutions where lots of money changes hands. Under the new offering, called Online Fraud Protection Services, Symantec will bring to bear a battery of methods and techniques to block attacks launched against individual companies and their brands and, if possible, work with law enforcement to put the perps behind bars.

It was with great fanfare that the world celebrated the 30th birthday of spam recently. The hammy substance was served, with a nod and a wink, in a cheeky affirmation of the impact that unsolicited commercial e-mail has had on our culture. Nobody really likes spam, but we view it as mostly harmless, so we can collectively laugh about it, and maybe even tip our hats to some of truly creative and funny pieces of spam we've received over the last decade.

Unfortunately, behind spam's innocent facade lies a darker reality involving identity theft, organized crime, and billions of dollars in ill-gotten gains. At some point over the last five years, criminals realized they could use the techniques of the spammer--e-mail pitches sent to millions of inboxes--to direct people to counterfeit Web sites, where they are tricked into entering bank account numbers, PIN numbers, social security numbers, and other pieces of personal information that enable criminals to steal their money.

This activity is called phishing, and it's spreading quite rapidly, according to Symantec's latest bi-annual Internet Security Threat Report. "One of the most significant things that we saw [in the last report] was a precipitous increase in phishing attacks in the six-month period between June and December of last year," says Ted Donat, director of product management for Symantec Consulting Services.

Phishing, By the Numbers

The number of phishing Web sites has skyrocketed, according to Symantec's research. During the last six months of 2006, Symantec had recorded a total of about 13,400 phishing Web sites in existence. By December 2007, that number had increased by about 650 percent, to almost 88,000 phishing Web sites. And in just the first two months of 2008, the number of phishing Web sites jumped another 70 percent.

One reason phishing is taking off in popularity is because it is so easy to do, and so financially rewarding. Donat's team performed a return on investment (ROI) analysis for phishing (using assumptions based on the effectiveness of legitimate direct marketing efforts), and the results are somewhat disturbing.

According to the ROI analysis, a phisher equipped with an easily obtainable phishing kit can send out 2 million fraudulent e-mails fairly easily, and the e-mails may actually get through to 5 percent, or 100,000 inboxes. The analysis then assumes that another five percent of this subset, or 5,000 people, will actually click on the link taking them to the phishing Web site, and two percent of that subset, or 100 people, will enter data. Assuming that the average person loses $1,244 per identity theft incident, the phisher stands to make about $125,000 from his or her work.

While individual victims lose money in the deal, the companies being spoofed by the phishing fraudsters also lose something: customers' trust in their brands.

"What customers are saying is that, specifically at the financial services level, they are very, very concerned about brand erosion that results from phishing attacks," Donat says. "If you get an e-mail in your inbox that purports to be from Ted's, and it's a fraudulent e-mail, and then you go click on a Web site and can potentially lose money from it, that's really an attack on the brand, because somebody has hijacked your brand for nefarious purposes. And the next time that user gets an e-mail from you, she's going to think twice before clicking on it, or even worse, decide not to do business online with you because you're not taking adequate steps to protect that."

Symantec aims to protect the reputations of banks and other institutions doing business online with its new Online Fraud Protection Services offering, which launched yesterday. The offering is a comprehensive program that uses several approaches to fight the affect of phishing and other Web-based attacks, including pharming (where users attempt to visit legitimate site but are directed to a malicious site through DNS redirection), Vishing (involves a telephone), SMiShing (phishing via SMS), cyber squatting, typo squatting, form grabbing, screen dumping, code injections, and malware-based attacks.

Multi-Pronged Attack on Phishing

Symantec's program starts off with an on-site assessment by a Symantec expert, who will analyze the customer's risk exposure for online fraud, and then devise a plan and a series of steps to minimize that risk. This assessment costs about $75,000 for a typical bank.

The plan could call for a 24/7 incident-monitoring response capability, whereby Symantec security professionals will monitor the Web (via its Global intelligence Network, a series of sensors, decoy e-mail accounts, and desktop nodes) for phishing activity targeted at a particular bank or brand. Once they've spotted an attack, Symantec will take steps necessary to track down the source of those e-mails, send the perpetrators cease and desist letters, and follow up on those letters with the ISPs and regional authorities to get the sites shut down or the criminals locked up. Symantec can provide this brand protection services for about $100,000 per year per individual brand.

The plan could call for implementing stronger security mechanisms on the Web site, such as a two-factor authentication program or a secondary password checker. Symantec can assist with installing these systems. Customers with the highest needs might opt for Symantec's on-site support. Under this program, a Symantec resident will set up shop in the company's headquarters, where they will oversee brand protection activities. Symantec will charge about $250,000 per year for on-site support as part of this program.

Customers can also choose Symantec's incident response services, which directs fraud-related calls to Symantec's data center. Customers that don't need the full support, from 8 a.m. to 5 p.m. every weekday, can opt to share this Symantec resource with other institutions for a reduced fee. Symantec will also work with the institution's public relations department to implement customer education programs and making sure the PR personnel are prepared for the bad publicity that can result from attacks. The program even includes an option for the customer to OEM Symantec's software and resell it to its customers.

Online Fraud Protection Services is a unique offering, Donat says. "We've done this for years on the security side with incident response, and now we're repurposing it for specific online fraud incidents," he says. "There are threats on the horizon. They may not be at your doorstep today, but they will be down the road."

It takes a comprehensive program like this to combat phishing and "stay ahead of these folks who are very determined to steal this information," Donat says. "It is very challenging to find these folks a lot of the times," he says. "Most of the time we're able to shut them down. Sometimes they may pick up and move someplace else, but at least we've got them on the run a little bit. We're making it more difficult for them to do their jobs."


Decline In Vulnerabilities Belies Threat Increase, Microsoft Says in New Security Report

Surf's Up for Web-Based Organized Crime, IBM X-Force Says

Bleak Outlook for Information Security, According to Researchers

In Search Of a More Secure Internet

Security Attacks and Breaches on the Rise

MPack Hacker Tool Claims 10,000 Compromised Web Sites

                     Post this story to
               Post this story to Digg
    Post this story to Slashdot

Sponsored By

For a limited, Storage Guardian is offering
our remote backup services at a rate of
$8/compressed GB/month (based on a
3:1 compression ratio) with
No Minimum GB/month Commitment.

                                            · Backup System State / Active Directory
                                            · SQL, MS Exchange, .PST files "Open & Locked"
                                            · Bare Metal Restore

Get your estimate NOW at:

Editor: Alex Woodie
Contributing Editors: Dan Burger, Joe Hertvik,
Shannon O'Donnell, Timothy Prickett Morgan
Publisher and Advertising Director: Jenny Thomas
Advertising Sales Representative: Kim Reed
Contact the Editors: To contact anyone on the IT Jungle Team
Go to our contacts page and send us a message.

Sponsored Links

COMMON:  Join us at the annual 2009 conference, April 26 - April 30, in Reno, Nevada
Storage Guardian:  Remote backup services at a special rate of $8/compressed GB/month is the resource for job transitions after age 40



IT Jungle Store Top Book Picks

Getting Started with PHP for i5/OS: List Price, $59.95
The System i RPG & RPG IV Tutorial and Lab Exercises: List Price, $59.95
The System i Pocket RPG & RPG IV Guide: List Price, $69.95
The iSeries Pocket Database Guide: List Price, $59.00
The iSeries Pocket Developers' Guide: List Price, $59.00
The iSeries Pocket SQL Guide: List Price, $59.00
The iSeries Pocket Query Guide: List Price, $49.00
The iSeries Pocket WebFacing Primer: List Price, $39.00
Migrating to WebSphere Express for iSeries: List Price, $49.00
iSeries Express Web Implementer's Guide: List Price, $59.00
Getting Started with WebSphere Development Studio for iSeries: List Price, $79.95
Getting Started With WebSphere Development Studio Client for iSeries: List Price, $89.00
Getting Started with WebSphere Express for iSeries: List Price, $49.00
WebFacing Application Design and Development Guide: List Price, $55.00
Can the AS/400 Survive IBM?: List Price, $49.00
The All-Everything Machine: List Price, $29.95
Chip Wars: List Price, $29.95

The Four Hundred
The Demographics of i Sales and Shipments

The i Edition of the BladeCenter S Finally Launches

HP More Than Doubles Services Biz with EDS Acquisition

Mad Dog 21/21: Saying No No No

A Word Cloud of IBM Server Brand Names

The Linux Beacon
NYSE Euronext Trades Mainframes and Unix for Linux and X64

Canonical Founder Calls for Synchronized Linux Releases

AMD Ships Low-Power Barcelonas as Two More Execs Exit

New and Updated Barcelona Boxes Debut from Sun

VMware Tweaks Virtualization Stack, Boasts of Greenness and Sales

Four Hundred Stuff
Symantec Combats Phishing with New Services Offering

BCD Slings a New C#-Based GUI with Catapult 7.0

SkyView and Innovatum Formalize Partnership with New Product

Profound Eliminates OLTP Requirement with Web Enablement Software

140 Apps and (Hopefully) Counting for i 6.1

Big Iron
NYSE Euronext Trades Mainframes and Unix for Linux and X64

Top Mainframe Stories From Around the Web

Chats, Webinars, Seminars, Shows, and Other Happenings

Four Hundred Guru
Writing Secure PHP Applications

Use PCOMM Scripts to Execute Remote PC Commands

Admin Alert: Things to Do When Adding Drives to a System

System i PTF Guide
May 17, 2008: Volume 10, Number 20

May 10, 2008: Volume 10, Number 19

May 3, 2008: Volume 10, Number 18

April 26, 2008: Volume 10, Number 17

April 19, 2008: Volume 10, Number 16

April 12, 2008: Volume 10, Number 15

The Unix Guardian
New and Updated Barcelona Boxes Debut from Sun

HP More Than Doubles Services Biz with EDS Acquisition

Java Performance Is OS Agnostic on Power6 Gear

As I See It: Soothing the Savage Programmer

VMware Tweaks Virtualization Stack, Boasts of Greenness and Sales

Four Hundred Monitor
Four Hundred Monitor's
Full iSeries Events Calendar


Danik Consulting
Storage Guardian

Printer Friendly Version

Micro-Hoo is Back On the Table, But In a Different Form

Developers Cool to Vista, Evans Study Finds

Global Sales Save HP's Financial Cookies in the Second Quarter

Symantec Combats Phishing with New Services Offering

Microsoft Heads Aberdeen's List of Top 100 Tech Companies

But Wait, There's More:

Microsoft Ships Windows HPC Server 2008 Beta 2 . . . Force Microsoft to Support ODF, Group Asks EC . . . IDC Cautiously Reaffirms IT Spending Projections for 2008 . . . IBM Announces Improved X64 and Cell Blade Servers . . . Dangerous Times: Ballmer Dodges Eggs, While Gates 'Sued' Over Broken Toe . . .

The Windows Observer


Subscription Information:
You can unsubscribe, change your email address, or sign up for any of IT Jungle's free e-newsletters through our Web site at

Copyright © 1996-2008 Guild Companies, Inc. All Rights Reserved.
Guild Companies, Inc., 50 Park Terrace East, Suite 8F, New York, NY 10034

Privacy Statement